diff options
author | Nicolas Geoffray <ngeoffray@google.com> | 2015-06-18 11:11:27 +0100 |
---|---|---|
committer | Nicolas Geoffray <ngeoffray@google.com> | 2015-06-22 10:18:29 +0100 |
commit | 753f1fb083d5221f51b1d60d4089a33527ae5bc9 (patch) | |
tree | 0713aa481de6523617897300005e2e3cc81f8f89 /compiler | |
parent | ff82263e2b96ad099c56c19b91c2286baaf82fa7 (diff) | |
download | art-753f1fb083d5221f51b1d60d4089a33527ae5bc9.zip art-753f1fb083d5221f51b1d60d4089a33527ae5bc9.tar.gz art-753f1fb083d5221f51b1d60d4089a33527ae5bc9.tar.bz2 |
Bailout from compilation if an invoke is malformed.
Because the verifier does not check trivially dead instructions,
the compilers must prepare for bogus instructions. This change
fixes the case the arguments for an invoke do not match the
formal parameters.
bug:21865459
(cherry picked from commit 2e33525bd4eb892246b4c244c6d4ebf6c6d07501)
Change-Id: I392f86eafefde28263fe35a31f17b398ff8dfc24
Diffstat (limited to 'compiler')
-rw-r--r-- | compiler/optimizing/builder.cc | 43 | ||||
-rw-r--r-- | compiler/optimizing/optimizing_compiler_stats.h | 2 |
2 files changed, 35 insertions, 10 deletions
diff --git a/compiler/optimizing/builder.cc b/compiler/optimizing/builder.cc index c2a9b5c..a53c488 100644 --- a/compiler/optimizing/builder.cc +++ b/compiler/optimizing/builder.cc @@ -605,7 +605,12 @@ bool HGraphBuilder::BuildInvoke(const Instruction& instruction, const char* descriptor = dex_file_->StringDataByIdx(proto_id.shorty_idx_); Primitive::Type return_type = Primitive::GetType(descriptor[0]); bool is_instance_call = invoke_type != kStatic; - size_t number_of_arguments = strlen(descriptor) - (is_instance_call ? 0 : 1); + // Remove the return type from the 'proto'. + size_t number_of_arguments = strlen(descriptor) - 1; + if (is_instance_call) { + // One extra argument for 'this'. + ++number_of_arguments; + } MethodReference target_method(dex_file_, method_idx); uintptr_t direct_code; @@ -616,7 +621,8 @@ bool HGraphBuilder::BuildInvoke(const Instruction& instruction, if (!compiler_driver_->ComputeInvokeInfo(dex_compilation_unit_, dex_pc, true, true, &optimized_invoke_type, &target_method, &table_index, &direct_code, &direct_method)) { - VLOG(compiler) << "Did not compile " << PrettyMethod(method_idx, *dex_file_) + VLOG(compiler) << "Did not compile " + << PrettyMethod(dex_compilation_unit_->GetDexMethodIndex(), *dex_file_) << " because a method call could not be resolved"; MaybeRecordStat(MethodCompilationStat::kNotCompiledUnresolvedMethod); return false; @@ -738,19 +744,29 @@ bool HGraphBuilder::BuildInvoke(const Instruction& instruction, start_index = 1; } - uint32_t descriptor_index = 1; + uint32_t descriptor_index = 1; // Skip the return type. uint32_t argument_index = start_index; if (is_string_init) { start_index = 1; } - for (size_t i = start_index; i < number_of_vreg_arguments; i++, argument_index++) { + for (size_t i = start_index; + // Make sure we don't go over the expected arguments or over the number of + // dex registers given. If the instruction was seen as dead by the verifier, + // it hasn't been properly checked. + (i < number_of_vreg_arguments) && (argument_index < number_of_arguments); + i++, argument_index++) { Primitive::Type type = Primitive::GetType(descriptor[descriptor_index++]); bool is_wide = (type == Primitive::kPrimLong) || (type == Primitive::kPrimDouble); - if (!is_range && is_wide && args[i] + 1 != args[i + 1]) { - LOG(WARNING) << "Non sequential register pair in " << dex_compilation_unit_->GetSymbol() - << " at " << dex_pc; - // We do not implement non sequential register pair. - MaybeRecordStat(MethodCompilationStat::kNotCompiledNonSequentialRegPair); + if (!is_range + && is_wide + && ((i + 1 == number_of_vreg_arguments) || (args[i] + 1 != args[i + 1]))) { + // Longs and doubles should be in pairs, that is, sequential registers. The verifier should + // reject any class where this is violated. However, the verifier only does these checks + // on non trivially dead instructions, so we just bailout the compilation. + VLOG(compiler) << "Did not compile " + << PrettyMethod(dex_compilation_unit_->GetDexMethodIndex(), *dex_file_) + << " because of non-sequential dex register pair in wide argument"; + MaybeRecordStat(MethodCompilationStat::kNotCompiledMalformedOpcode); return false; } HInstruction* arg = LoadLocal(is_range ? register_index + i : args[i], type); @@ -759,7 +775,14 @@ bool HGraphBuilder::BuildInvoke(const Instruction& instruction, i++; } } - DCHECK_EQ(argument_index, number_of_arguments); + + if (argument_index != number_of_arguments) { + VLOG(compiler) << "Did not compile " + << PrettyMethod(dex_compilation_unit_->GetDexMethodIndex(), *dex_file_) + << " because of wrong number of arguments in invoke instruction"; + MaybeRecordStat(MethodCompilationStat::kNotCompiledMalformedOpcode); + return false; + } if (clinit_check_requirement == HInvokeStaticOrDirect::ClinitCheckRequirement::kExplicit) { // Add the class initialization check as last input of `invoke`. diff --git a/compiler/optimizing/optimizing_compiler_stats.h b/compiler/optimizing/optimizing_compiler_stats.h index b6b1bb1..6d340e2 100644 --- a/compiler/optimizing/optimizing_compiler_stats.h +++ b/compiler/optimizing/optimizing_compiler_stats.h @@ -37,6 +37,7 @@ enum MethodCompilationStat { kNotCompiledClassNotVerified, kNotCompiledHugeMethod, kNotCompiledLargeMethodNoBranches, + kNotCompiledMalformedOpcode, kNotCompiledNoCodegen, kNotCompiledNonSequentialRegPair, kNotCompiledPathological, @@ -105,6 +106,7 @@ class OptimizingCompilerStats { case kNotCompiledClassNotVerified : return "kNotCompiledClassNotVerified"; case kNotCompiledHugeMethod : return "kNotCompiledHugeMethod"; case kNotCompiledLargeMethodNoBranches : return "kNotCompiledLargeMethodNoBranches"; + case kNotCompiledMalformedOpcode : return "kNotCompiledMalformedOpcode"; case kNotCompiledNoCodegen : return "kNotCompiledNoCodegen"; case kNotCompiledNonSequentialRegPair : return "kNotCompiledNonSequentialRegPair"; case kNotCompiledPathological : return "kNotCompiledPathological"; |